• Journal of Convergence for Information Technology
• /
• v.10 no.11
• /
• pp.55-63
• /
• 2020

The IoT technology is a field that applies and converges the technologies in the existing industrial environment, instead of new technologies. The IoT technology is releasing various application services converged with other industries such as smart home, healthcare, construction, and automobile, and it is also possible to secure the work efficiency and convenience of users of IoT-based technologies. However, the security threats occurring in the IoT-based technology environment are succeeding to the vulnerability of the existing wireless network environment. And the occurrence of new and variant attacks in the combination with the ICT convergence environment, is causing damages. Thus, in the IoT technology-based environment, it would be necessary to have researches on the safe transmission of messages in the communication environment between user and device, and device and device. This thesis aims to design a safe communication protocol in the IoT-based technology environment. Regarding the suggested communication protocol, this thesis performed the safety analysis on the attack techniques occurring in the IoT technology-based environment. And through the performance evaluation of the existing PKI-based certificate issuance system and the suggested communication protocol, this thesis verified the high efficiency(about 23%) of communication procedure. Also, this thesis verified the reduced figure(about 65%) of the issued quantity of certificate compared to the existing issuance system and the certificate management technique.

• KOMUNHWA
• /
• no.70
• /
• pp.89-108
• /
• 2007

Stamped-Roof Tiles, the characteristics of Baekje Tiles are one of the most frequently excavated tiles in Iksan. Considering the types and amount of excavation of the Stamped-Roof Tiles unearthed in Iksan area, it seems that these are closely related with a Royal family. The tiles might be manufactured by a particular gorup of file maker since they are produced with same way. Referring the Ganji carved in the Stamped-Roof Tiles, I suppose that the tiles were produced and used in two time periods, the time around enthronement of The King Mu and the second quarter of the 7th century around Gichuk, AD. 629. In addition, Convex Tiles used in Wanggung-ri Site and Mireuk Site was also produced in same time as the Stamped-Roof Tiles, considering there pattern and the amount of excavation. The social background of tile production was analogized based on the technology and the time of the tile manufacture as well as the characteristics of the Stamped-Roof Tiles which represent the Obu and the Ohang. The production of the tiles was supported by Obu which aided the King Mu-oriented construction project the economic capacity of the Royal family was not enough to promote. The tile production system was totally controled by the Royal family and the inspector, neither producer nor donator, examined the quantitation of the tiles and generated the imprint of a seal with the Stamped-Roof Tiles.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.1
• /
• pp.63-70
• /
• 2009

Recently, in the security token based authentication system, there is an increasing trend of using fingerprint for the token holder verification, instead of passwords. However, the security of the fingerprint data is particularly important as the possible compromise of the data will be permanent. In this paper, we propose an approach for secure fingerprint verification by distributing both the secret and the computation based on the fuzzy vault(a cryptographic construct which has been proposed for crypto-biometric systems). That is, a user fingerprint template which is applied to the fuzzy vault is divided into two parts, and each part is stored into a security token and a server, respectively. At distributing the fingerprint template, we consider both the security level and the verification accuracy. Then, the geometric hashing technique is applied to solve the fingerprint alignment problem, and this computation is also distributed over the combination of the security token and the server in the form of the challenge-response. Finally, the polynomial can be reconstructed from the accumulated real points from both the security token and the server. Based on the experimental results, we confirm that our proposed approach can perform the fuzzy vault-based fingerprint verification more securely on a combination of a security token and a server without significant degradation of the verification accuracy.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.6
• /
• pp.1115-1130
• /
• 2020

Modern vehicles are equipped with a number of ECUs(Electronic Control Units), and ECUs can control vehicles efficiently by communicating each other through CAN(Controller Area Network). However, CAN bus is known to be vulnerable to cyber attacks because of the lack of message authentication and message encryption, and access control. To find these security issues related to vehicle hacking, CAN Fuzzing methods, that analyze the vulnerabilities of ECUs, have been studied. In the existing CAN Fuzzing methods, fuzzing inputs are randomly generated without considering the structure of CAN messages transmitted by ECUs, which results in the non-negligible fuzzing time. In addition, the existing fuzzing solutions have limitations in how to monitor fuzzing results. To deal with the limitations of CAN Fuzzing, in this paper, we propose a Non-Random CAN Fuzzing, which consider the structure of CAN messages and systematically generates fuzzing input values that can cause malfunctions to ECUs. The proposed Non-Random CAN Fuzzing takes less time than the existing CAN Fuzzing solutions, so it can quickly find CAN messages related to malfunctions of ECUs that could be originated from SW implementation errors or CAN DBC(Database CAN) design errors. We evaluated the performance of Non-Random CAN Fuzzing by conducting an experiment in a real vehicle, and proved that the proposed method can find CAN messages related to malfunctions faster than the existing fuzzing solutions.

• Korea Trade Review
• /
• v.42 no.4
• /
• pp.93-114
• /
• 2017

Under the FTA agreement, preferential tariffs between FTA members will result in tariff reductions. In order to ensure the stable use of the FTA tariff system, it is necessary for the customs authorities to determine whether the origin goods are clearly applicable. This study analyzed the procedure of appeal according to the origin verification system based on the decision made by Korea Customs Service and Tax Tribunal. From this, we examined whether the rate of re-claiming a case rejected in the 'Review System of the Legality Before Taxation' differs. In addition, we carried out a quantitative analysis using bootstrapping technique in order to overcome the scarcity cases of verification of origin among FTA members. The implications of this paper are summarized as follows: First, we tested the hypothesis that the re-claiming rate of Western countries is higher. Second, some issues represented higher re-claiming rate. Third, there was no significant difference between the verification group and the re-claiming rate. Finally, even if an applicant makes a claim again, there is a possibility of being rejected again.

• Korean Journal of Food Science and Technology
• /
• v.52 no.1
• /
• pp.1-10
• /
• 2020

The present study identified the restrictions on the use of sous-vide products in the Korean HMR market for small and medium-sized manufacturing companies. A detailed literature review revealed that the HMR market in Korea is close to saturation. Notably, the technologically advanced products produced using sous-vide seem to display significant potential to overcome market saturation. The sous-vide method differs from conventional cooking techniques and is characterized by maintenance of food texture along with flavor enhancement. However, due to the unfamiliarity of the manufacturers with this method and the unclear food safety regulations, mass food manufacturing companies do not agree on using this method; hence, sous-vide production is usually undertaken by small/medium sized companies catering primarily through online marketing portals. This study highlights the various restrictions to the implementation of sous-vide production, and discusses several practical implications of sous-vide production that would help users of this technique enter the HMR market.

• Proceedings of the Korean Information Science Society Conference
• /
• 1998.10a
• /
• pp.424-426
• /
• 1998

공간정보의 효율적 공유를 위해 인터넷 기반 GIS소프트웨어 개발 및 응용과 관련된 연구가 활발히 진행 중에 있다. 여러 인터넷 GIS의 기본적인 요구사항 및 현재까지 개발모델과 문제점을 살펴보고, 표준 인터넷 기술을 기반으로 최근 웹 기술 표준 동향을 포함한, OpenGIS상호 운용성이 지원되는 인터넷 GIS기본 구조를 제시하고자 한다. 표준화될 인터넷 GIS 속도 향상과 TCP/IP상의 보안문제가 해결되어야 하고, OpenGIS에서 구성하고 있는 공간 데이터 공유를 위한 표준 사양을 준수할 뿐 아니라 클라이언트/서버의 부하가 최적화된 구조여야한다. 특히 웹 중심의 각종 인터넷 기술들, 즉 HTTP NG. XML, SSL등의 표준 기술이 함께 적용되어야 한다. 새로운 인프라구조는 GIS D/B에 포함된 확장된 (Enhanced) HTTP/MAP 서버와 클라이언트로 구성된다. MAP클라이언트는 MIME-TYPE 에 따라 GIS데이터를 표시할 수 있는 윈도우 환경으로 변환되며 GIS 데이터셋은 XML을 기반으로 하는 MapML(Mapping Makup Language)를 통해 형식을 정한다. 클라이언트가 MapML 토큐먼트를 통해 정의된 구획의 레이어와 벡터 데이터를 요청하고, Map서버는GIS D/B에서 WKB 혹은 소위 VML 형태로 추출하여 클라이언트로 보내주게 된다. 주어진 구획은 MapML로 정의된 속성들을 통해 각종 부가 정보를 열람할 수 있다. MAP은 HTTP와 같은 형태로 동작하므로 전자인증, 암호화를 통한 GIS정보 보안, 클라이언트와 서버 부하의 효율적인 분배 XML을 통한 다양한 GIS속성표현이 가능하다. 본 구조는 Apache +Amiya + Crass D/B+ MapML 환경에서 구현되고 있다.팔일 전송 기법을 각각 제시하고 실험을 통해 이들의 특성을 비교분석하였다.미에서 uronic acid 함량이 두 배 이상으로 나타났다. 흑미의 uronic acid 함량이 가장 많이 용출된 분획은 sodium hydroxide 부분으로서 hemicellulose구조가 polyuronic acid의 형태인 것으로 사료된다. 추출획분의 구성단당은 여러 곡물연구의 보고와 유사하게 glucose, arabinose, xylose 함량이 대체로 높게 나타났다. 점미가 수가용성분에서 goucose대비 용출함량이 고르게 나타나는 경향을 보였고 흑미는 알칼리가용분에서 glucose가 상당량(0.68%) 포함되고 있음을 보여주었고 arabinose(0.68%), xylose(0.05%)도 다른 종류에 비해서 다량 함유한 것으로 나타났다. 흑미는 총식이섬유 함량이 높고 pectic substances, hemicellulose, uronic acid 함량이 높아서 콜레스테롤 저하 등의 효과가 기대되며 고섬유식품으로서 조리 특성 연구가 필요한 것으로 사료된다.리하였다. 얻어진 소견(所見)은 다음과 같았다. 1. 모년령(母年齡), 임신회수(姙娠回數), 임신기간(姙娠其間), 출산시체중등(出産時體重等)의 제요인(諸要因)은 주산기사망(周産基死亡)에 대(對)하여 통계적(統計的)으로 유의(有意)한 영향을 미치고 있어 $25{\sim}29$세(歲)의 연령군에서, 2번째 임신과 2번째의 출산에서 그리고 만삭의 임신 기간에, 출산시체중(出産時體重) $3.50{\sim}3.99kg$사이의 아이에서 그 주산기사망률(周産基死亡率)이 각각 가장 낮았다. 2. 사산(死産)과 초생아사망(初生兒死亡)을 구분(區分)하여 고려해 볼때 사산(死産)은 모성(母

• Proceedings of the Korea Society for Industrial Systems Conference
• /
• 2000.05a
• /
• pp.101-106
• /
• 2000

자동화 기기 분야에서 컴퓨터의 적용 및 응용은 하드웨어 발달에 따라 매우 빠르고 민감하게 반영되어왔다. 이는 컴퓨터 하드웨어의 빠른 개발 주기에 맞춰 저 가격, 고 효율성, 높은 신뢰성, 호환성 등의 장점을 가진 PC가 현대의 컴퓨터 흐름을 주도하게 되면서 자동화 산업분야 또한 이를 적용하여 왔기 때문이다. 이에 따라, 자동화 기기 분야에서는 고 가격, 긴 개발기간 등을 필요로 했던 과거와 달리 저 가격, 짧은 개발기간, 다양한 개발환경 등을 이룰 수 있었다. 또한, 생산량 증가에만 의존하던 과거와 달리 현대에 이르러서는 시스템의 최적화, 효율의 극대화, 시스템의 안정성, 운용의 편리성, 호환성 등의 개념들이 도입되고 있는 것이다. 자동화 기기를 구성하는 요인으로는 크게 시스템의 틀을 이루는 기계부분과 이를 제어하는 제어 시스템부로 나뉠 수 있다. 제어 시스템에서는 기계부분의 동작을 제어하는 동작 제어부와 이에 관한 정보를 화면에 나타내는 GUI(Graphical User Interface)부분으로 나뉘게된다. 현재에는 이를 통합하여 하나의 하드웨어에서 제어부와 GUI를 모두 담당하는 방법이 연구 진행되고 있으나, 하드웨어를 둘로 나누거나 하나로 하여도 제어부와 GUI 사이의 통신부분은 빼놓을 수 없는 요소가 된다. 따라서, 본 논문에서는 시스템의 안정성을 위하여 두 시스템간에 송·수신되는 데이터를 추적할 수 있도록 하는 Emulate 기법을 구현 및 개발하고자 한다. 이는, 두 시스템간의 통신 데이터를 실시간으로 누적, 저장하여 사용자로 하여금 시스템의 운용상태를 분석할 수 있게 하였으며, 시스템 오류발생 시 Emulate 자료를 근거로 시스템의 운용상태를 파악할 수 있게 하였다.근 제한기능을 제공하며 각 클라이언트와 서버간의 실시간 연결 혹은 지연연결을 지원하는 독립적인 애플리케이션이다. 이러한 처방전달 메시징시스템을 구성하는 각 요소에 대해 정의하고 개념적 모델을 설계하고자 한다.에게 청구되며, 소비자에게 전송 되는 청구서는 사용자DB를 참조하여 사용자가 미리 정의한 원하는 형태로 변환되어 전달되며, 필요시 암호화 과정을 거치는 것이 가능해야 한다. 전송된 청구서는 전자우편의 경우, 암호해독이 가능한 전용 브라우저를 통해 열람 되며, 이는 다시 전용 브라우저를 통해 지불인증이 승인되어 청구 제시서버에게 전송된다. EBPP 시스템의 제어 흐름은 크게 기업이 청구 정보를 소비자에게 제시하는 흐름과 소비자의 지불 승인으로 인해 기업이 은행에 지불을 요구하는 흐름으로 구분할 수 있다. 본 논문에서는 통합 청구서버 및 정구 제시서버의 역할 및 구성 요소들에 대해 서술하고, EBPP 시스템과 연동하여야 하는 메일 서버와의 상호 작용에 대해 서술할 것이다. 본 시스템을 아직 구현이 되지 않은 관계로 시스템의 성능 등의 수치적 결과를 제시할 수 없는 상태다., 취약계층을 위한 일차의료, 의약관리), ${\circled}2$ 보건소 조직 개편 및 민간의료기관과 협력체계 확립, ${\circled}3$ 전문인력 확보 및 인력구성 조정, 그리고 ${\circled}4$ 방문보건사업의 강화 등이다., 대사(代謝)와 관계(關係)있음을 시사(示唆)해 주고 있다.ble nutrient (TDN) was highest in booting stage (59.7%); however no significant difference was foun

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.4
• /
• pp.743-755
• /
• 2013

In recent years, the malicious apps with malicious code in normal apps are increasingly redistributed in Android market, which may incur various problems such as the leakage of authentication information and transaction information and fraudulent transactions when banking apps to process the financial transactions are exposed to such attacks. Thus the financial authorities established the laws and regulations as an countermeasures against those problems and domestic banks provide the integrity verification functions in their banking apps, yet its reliability has not been verified because the studies of the safety of the corresponding functions have seldom been conducted. Thus this study suggests the vulnerabilities of the integrity verification functions of banking apps by using Android reverse engineering analysis techniques. In case the suggested vulnerabilities are exploited, the integrity verification functions of banking apps are likely to be bypassed, which will facilitate malicious code inserting attacks through repackaging and its risk is very high as proved in a test of this study. Furthermore this study suggests the specific solutions to those vulnerabilities, which will contribute to improving the security level of smartphone financial transaction environment against the application forgery attacks.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.17 no.2
• /
• pp.423-430
• /
• 2013

Recently, the personal identification technologies using vein pattern of back of the hand, palm, and finger have been developed actively because it has the advantage that the vein blood vessel in the body is impossible to damage, make a replication and forge. However, it is difficult to extract clearly the vein region from captured vein images through common image prcessing based region segmentation method, because of the light scattering and non-uniform internal tissue by skin layer and inside layer skeleton, etc. Especially, it takes a long time for processing time and makes a discontinuity of blood vessel just in a image because it has non-uniform illumination due to use a locally different adaptive threshold for the binarization of acquired finger-vein image. To solve this problem, we propose illumination normalization based fast method for extracting the finger-vein region. The proposed method has advantages compared to the previous methods as follows. Firstly, for remove a non-uniform illumination of the captured vein image, we obtain a illumination component of the captured vein image by using a low-pass filter. Secondly, by extracting the finger-vein path using one time binarization of a single threshold selection, we were able to reduce the processing time. Through experimental results, we confirmed that the accuracy of extracting the finger-vein region was increased and the processing time was shortened than prior methods.